|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ColdFusion File Upload Exploit
- To: NTBUGTRAQ
LISTSERV.NTBUGTRAQ.COM - Subject: Re: ColdFusion File Upload Exploit
- From: David LeBlanc <dleblancMINDSPRING.COM>
- Date: Tue, 15 Sep 1998 08:50:07 -0400
- Comments: To: INFO2000 TECH <colbyINFO2000.NET>
- In-Reply-To: <199809150101.VAA00170camel9.mindspring.com>
- Reply-To: David LeBlanc <dleblancMINDSPRING.COM>
- Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>
At 12:12 PM 9/14/98 -0600, INFO2000 TECH wrote: >The following message was posted to the Allaire's COLD FUSION forums: > > >As previously noticed in the thread: > http://forums.allaire.com/devconf/Thread_MessageList.cfm?&&Message_ID=71293 > >By default, on Windows NT installations, the CF function, GetTempDirectory >returns C:\WINNT. This is incorrect. The API documentation says: The GetTempPath function gets the temporary file path as follows: 1. The path specified by the TMP environment variable. 2. The path specified by the TEMP environment variable, if TMP is not defined. 3. The current directory, if both TMP and TEMP are not defined. I do agree that a temp directory should be specified as a system environment variable. David LeBlanc dleblanc
- Prev by Date: ColdFusion File Upload Exploit
- Next by Date: Re: ColdFusion File Upload Exploit
- Prev by thread: ColdFusion File Upload Exploit
- Next by thread: Re: ColdFusion File Upload Exploit
- Index(es):